https://github.com/mrseanryan/snyk-issue-cli

# snyk-issue-cli

:bug: Simple Unix CLI to show security issues from Snyk for projects for your organisation.

## Dependencies

| What | Details |
|---|---|
| OS | Unix (tested on Mac) |
| curl | The Unix command line tool to download from a URL |
| jq | The Unix command line tool to process JSON |

## Setup

1. Install the dependencies, if they are missing

2. Create a file `api_token.txt` that contains your Snyk API key

3. Create a file `org_id.txt` that contains the ID of your Snyk 'organisation'. Note: you may have many such 'organisations', depending on how you use Snyk.

You can get a list of your Snyk organisation IDs using curl:

```
# Reads the API token from api_token.txt (created in step 2)
curl --include \
--header "Content-Type: application/json; charset=utf-8" \
--header "Authorization: token $(cat api_token.txt)" \
'https://snyk.io/api/v1/orgs'
```

4. Create a file `jq_project_filter.txt` that contains a jq filter on your Snyk project names.

Example:

```
contains("MyProject1") or contains("Project2")
```
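
A preflight check for the three setup files, added here as an example and not part of the project's own code. The function names are hypothetical; it assumes the files sit in one directory and that `api_token.txt` should be readable only by its owner (a hardening assumption, not something the README requires).

```shell
#!/bin/sh
# Added example: validate the setup files before calling the Snyk API.
# Usage (after sourcing this file): preflight /path/to/snyk-issue-cli

# Succeeds when the file holds one non-empty value with no whitespace.
# $(...) strips trailing newlines only, so a CR from a Windows editor would
# otherwise end up inside the Authorization header or the request URL.
single_value_file() {
    [ -s "$1" ] || return 1
    value=$(cat "$1")
    stripped=$(printf '%s' "$value" | tr -d '[:space:]')
    [ -n "$value" ] && [ "$value" = "$stripped" ]
}

# Succeeds when group and others have no permission bits on the file.
# Characters 5-10 of the `ls -l` mode string are the group/other bits.
owner_only() {
    [ "$(ls -ld "$1" 2>/dev/null | cut -c5-10)" = "------" ]
}

# Checks all three files in the given directory (default: current directory).
# Prints one line per problem to stderr; returns 0 only if everything passes.
preflight() {
    dir=${1:-.}
    rc=0
    for f in api_token.txt org_id.txt; do
        single_value_file "$dir/$f" || {
            echo "$f: missing, empty, or contains whitespace" >&2
            rc=1
        }
    done
    # The jq filter legitimately contains spaces, so only require content.
    [ -s "$dir/jq_project_filter.txt" ] || {
        echo "jq_project_filter.txt: missing or empty" >&2
        rc=1
    }
    if [ -e "$dir/api_token.txt" ] && ! owner_only "$dir/api_token.txt"; then
        echo "api_token.txt: readable by group/others; run: chmod 600 api_token.txt" >&2
        rc=1
    fi
    return $rc
}
```
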

## Usage

`go.sh`

Example output:

```
src/my-project(master):my-app/My.Project.One/My.Project.One.csproj
"Vulnerability: Remote Code Execution (RCE) in [email protected] - https://snyk.io/vuln/SNYK-DOTNET-SYSTEMTEXTENCODINGSWEB-1253267"
---------
src/my-project(release/1.1):my-app/My.Project.One.View/My.Project.One.View.csproj
"Vulnerability: Regular Expression Denial of Service (ReDoS) in [email protected] - https://snyk.io/vuln/SNYK-DOTNET-RESTSHARP-1316436"
---------
src/my-project(release/1.1):modeler/My.Project.One/My.Project.One.csproj
"Vulnerability: Regular Expression Denial of Service (ReDoS) in [email protected] - https://snyk.io/vuln/SNYK-DOTNET-RESTSHARP-1316436"
"Vulnerability: Denial of Service (DoS) in [email protected] - https://snyk.io/vuln/SNYK-DOTNET-RESTSHARP-1316436"
```

## References

- [Snyk API via curl](https://snyk.io/blog/using-the-snyk-api-to-get-your-vulnerabilities/)